About the Author

About the Author

Earl Carter has been working in the field of computer security for about ten years. He started learning about computer security while working at the Air Force Information Warfare Center. Earl's primary responsibility there was securing Air Force networks against cyber attacks. In 1998, he accepted a job with Cisco Systems to perform IDS research for NetRanger (currently Cisco IDS) and NetSonar (Cisco Secure Scanner). Earl spent approximately one year writing signatures for NetRanger and developing software modules for NetSonar. Currently, he is a member of the Security Technologies Assessment Team at Cisco. This team is part of the Consulting Engineering department. Earl's duties involve performing security evaluations on numerous Cisco products as well as consulting with other teams at Cisco to help enhance the security of Cisco products. He has examined various products, from the PIX Firewall to the Cisco CallManager. Presently, Earl holds a CCNA certification and is working on earning his CCIE certification with a security emphasis.

In his spare time, Earl is very active at church as a youth minister and lector. He also enjoys training in taekwondo, in which he currently holds a second-degree black belt and is working on becoming a certified American Taekwondo Association (ATA) instructor.

About the Technical Reviewers

Jerry Lathem has been working with computers for 25 years and in the field of computer security for 15 years. He worked for ten years with the U.S. Department of Defense as a research engineer, working on both information security and computer security. He joined the WheelGroup Corporation (later acquired by Cisco) early in its start-up phase. He has a wide variety of experience, including performing security assessments, developing both defensive and offensive software, and prototyping the first Cisco IDS module for the Catalyst switches. He is currently one of the lead developers for the sensing technology in the Cisco IPS product line.

Shawn Merdinger is an independent security researcher based in Austin, Texas. He previously worked for the Cisco Systems Security Technologies Assessment Team (STAT) where he performed security evaluations on Cisco products. Shawn holds a master's degree from the University of Texas at Austin where he focused on computer and network security.

Marcus Sitzman, CCIE No. 9004, is a network security engineer in the Advanced Services for Network Security team at Cisco Systems. He has more than eight years of experience in the networking field. Since joining Cisco in 2000, he has continued to focus on security technologies and products. He currently provides Cisco customers with security consulting services, including security posture assessments, security designs reviews, and security product implementations. He is a repeat technical speaker at the Cisco Networkers conventions as well as other security conferences.


First, I want to say that many people helped me during the writing of this book (too many to list here). Everyone I have dealt with has been very supportive and cooperative. There are, however, several people who I think deserve special recognition.

I want to thank Jeanne Jackson (the Cisco IPS course developer) and everyone else who contributed to the course's development. The course material provided me with the foundation on which to develop this book. The technical editors, Marcus Sitzman, Shawn Merdinger, and Jerry Lathem supplied me with their excellent insight and greatly improved the accuracy and clarity of the text.

Finally, I want to thank Jesus Christ for gracing me with numerous gifts throughout my life, such as my understanding family members, who have helped me through the many long hours (and late nights) writing this book.